CVS: cvs.openbsd.org: www
CVSROOT:/cvs Module name:www Changes by: k...@cvs.openbsd.org2020/01/23 23:52:29 Modified files: . : sparc64.html Log message: Also remove the 5-years-gone lofn(4) from the sparc64 hardware compatibility list.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2020/01/23 23:45:09 Modified files: lib/libssl : tls13_handshake.c Log message: Preserve the TLS transcript at additional points. This is needed for the TLSv1.3 server and will also be needed for client certificate authentication. Note that we preserve on receive but before recording the new handshake message, whereas we preserve on send after recording the new handshake message. ok tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: j...@cvs.openbsd.org2020/01/23 23:42:13 Modified files: sys/net: if_pppx.c Log message: add pf.h include for NPF > 0 use added in rev 1.71 ok dlg@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: chel...@cvs.openbsd.org 2020/01/23 23:31:17 Modified files: sys/kern : subr_pool.c Log message: pool(9): replace custom TAILQ concatenation loops with TAILQ_CONCAT(3) TAILQ_CONCAT(3) apparently wasn't in-tree when this code was written. Using it leaves us with less code *and* better performance. ok tedu@
CVS: cvs.openbsd.org: www
CVSROOT:/cvs Module name:www Changes by: t...@cvs.openbsd.org2020/01/23 23:27:10 Modified files: faq: current.html Log message: note the retirement of rebound
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2020/01/23 23:19:01 Removed files: usr.sbin/rebound: Makefile https.c randomid.c rebound.8 rebound.c Log message: progress on rebound has been stalled long enough it's time to fade away.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2020/01/23 23:17:38 Modified files: etc: Makefile group master.passwd rc rc.conf etc/mail : aliases Removed files: etc/rc.d : rebound Log message: retire rebound etc bits to the attic
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2020/01/23 23:16:48 Modified files: share/man/man5 : resolv.conf.5 Log message: re{move,bound,ference}
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2020/01/23 23:15:36 Modified files: regress/usr.sbin: Makefile Removed files: regress/usr.sbin/rebound: Makefile cache.sh localhost.sh rebound-ns.c record.sh reload.sh run.sh Log message: re{move,bound,gress}
Re: CVS: cvs.openbsd.org: www
On Thu, Jan 23, 2020 at 10:59:53PM -0700, Kurt Mosiejczuk wrote: > CVSROOT: /cvs > Module name: www > Changes by: k...@cvs.openbsd.org2020/01/23 22:59:53 > > Modified files: > . : macppc.html > > Log message: > lofn(4) has been gone for 5 years. Let's take it off the list of > hardware supported for macppc. I also pulled out the listing for the mc(4) driver for old world macs
CVS: cvs.openbsd.org: www
CVSROOT:/cvs Module name:www Changes by: k...@cvs.openbsd.org2020/01/23 22:59:53 Modified files: . : macppc.html Log message: lofn(4) has been gone for 5 years. Let's take it off the list of hardware supported for macppc.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: clau...@cvs.openbsd.org 2020/01/23 22:46:00 Modified files: usr.sbin/bgpctl: bgpctl.c output.c Log message: Extend 'bgpctl show neighbor' to include the received and sent prefix count. Also show the max-prefix out limit if one is set. OK job@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: clau...@cvs.openbsd.org 2020/01/23 22:44:05 Modified files: usr.sbin/bgpd : bgpd.conf.5 bgpd.h parse.y printconf.c rde.c rde.h rde_peer.c rde_update.c session.c session.h Log message: Implement 'max-prefix NUM out' to limit the number of announced prefixes. This is an easy safety switch to not leak full tables to upstreams and peers. If the limit is hit a Cease notification is sent and the session is closed. This implements most of https://tools.ietf.org/html/draft-sa-idr-maxprefix-00 OK job@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: ratc...@cvs.openbsd.org 2020/01/23 22:38:33 Modified files: sys/dev: audio.c Log message: Rename audio_mixer_{read,write} to audio_mixer_{get,set}. The audio_mixer_{read,write} names are misleading: these functions are not the methods of the read and write syscalls. No object change.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/01/23 22:33:01 Modified files: usr.bin/ssh: ssh-keygen.c Log message: minor tweaks to ssh-keygen -Y find-principals: emit matched principals one per line to stdout rather than as comma- separated and with a free-text preamble (easy confusion opportunity) emit "not found" error to stderr fix up argument testing for -Y operations and improve error message for unsupported operations
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: kette...@cvs.openbsd.org2020/01/23 22:27:32 Modified files: sys/arch/amd64/amd64: efifb.c locore0.S machdep.c pmap.c sys/arch/amd64/include: pmap.h Log message: Machines have started to appear that have the framebuffer at an address > 4GB. On these machines we can't use the direct map since early on during boot the direct map only covers the first 4GB of memory. Instead, use a special (and temporary) mapping until we remap the framebuffer near the start of autoconf. With lots of help from mlarkin@ tested by yasuoka@ ok mlarkin@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: j...@cvs.openbsd.org2020/01/23 22:14:52 Modified files: sys/arch/amd64/amd64: conf.c sys/arch/i386/i386: conf.c sys/conf : files sys/dev/gpio : files.gpio sys/dev/isa: files.isa sys/dev/pv : files.pv pvbus.c sys/dev/usb: files.usb sys/net: if.c if_enc.c if_mpe.c sys/netmpls: mpls_input.c sys/scsi : files.scsi Log message: cleanup unused headers generated by config ok tedu@ krw@ deraadt@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2020/01/23 22:11:34 Modified files: usr.sbin : Makefile Log message: unlink rebound. its future is quite limited.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: b...@cvs.openbsd.org2020/01/23 22:11:34 Modified files: lib/libssl : tls13_lib.c Log message: Permit 0 length writes, because openssl s_client is special ok jsing@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: j...@cvs.openbsd.org2020/01/23 22:08:02 Modified files: share/man/man4 : bmtphy.4 icsphy.4 inphy.4 lxtphy.4 nsphy.4 nsphyter.4 qsphy.4 sqphy.4 Log message: "high-performance Ethernet" -> "Ethernet" ok tedu@ kettenis@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2020/01/23 21:47:09 Removed files: sys/arch/macppc/dev: mesh.c share/man/man4/man4.macppc: mesh.4 Log message: mesh(4) is old world and only new world macppc hardware is supported. ok tedu@ jsg@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2020/01/23 21:47:14 Modified files: lib/libssl : tls13_server.c Log message: Store the legacy session identifier from the ClientHello so we can actually echo it. ok beck@ tb@
CVS: cvs.openbsd.org: www
CVSROOT:/cvs Module name:www Changes by: t...@cvs.openbsd.org2020/01/23 21:46:10 Modified files: . : macppc.html Log message: we probably don't really support old world macs, remove mention. ok krw
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2020/01/23 21:44:14 Modified files: distrib/sets/lists/man: mi share/man/man4/man4.macppc: Makefile macobio.4 sys/arch/macppc/conf: GENERIC RAMDISK files.macppc Log message: mesh(4) is old world and only new world macppc hardware is supported. ok tedu@ jsg@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2020/01/23 21:43:09 Modified files: lib/libssl : tls13_handshake.c tls13_internal.h tls13_server.c Log message: Switch to encrypted records in the TLSv1.3 server. This adds code to perform key derivation and set the traffic keys once the ServerHello message has been sent, enabling encrypted records. ok beck@ tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2020/01/23 21:39:44 Modified files: lib/libssl : tls13_lib.c Log message: Enable SSL_ENC_FLAG_SIGALGS on TLSv1_3_enc_data. This means that we actually try to process and use signature algorithms. ok beck@ tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2020/01/23 21:38:12 Modified files: lib/libssl : ssl_ciph.c Log message: Add strings for SSL_aTLS1_3 and SSL_kTLS1_3 to SSL_CIPHER_description(). Mkaes `openssl ciphers -v` print au and kx values for TLSv1.3 cipher suites. ok beck@ tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: b...@cvs.openbsd.org2020/01/23 21:36:29 Modified files: lib/libssl : tls13_internal.h tls13_lib.c tls13_record_layer.c Log message: Fix breakage in SSL_connect, SSL_accept, etc. by not propagating new retry conditions from the record layer all the way up to the callers. Instead we catch them at the top of the record layer and retry the operations, unless we actually got a retry indicated from actual IO operations. ok jsing@ tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: chel...@cvs.openbsd.org 2020/01/23 21:03:11 Modified files: sys/dev/i2c: ihidev.c Log message: ihidev(4): tsleep(9) -> tsleep_nsec(9); ok mpi@ jcs@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2020/01/23 20:49:34 Modified files: sys/msdosfs: msdosfs_vfsops.c Log message: remove a notyet that remains more not than yet after 25 years. ok krw
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2020/01/23 20:29:55 Modified files: sys/dev/pci: auixp.c cs4280.c if_alcreg.h pciide.c plx9060var.h Log message: remove some ifdef notyet code that doesn't seem to be moving forward... some ok ratchov
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2020/01/23 20:05:14 Modified files: sys/conf : files Removed files: sys/dev/ic : ncr5380reg.h ncr5380sbc.c ncr5380var.h Log message: remove unreferenced ncr5380 driver files ok jsg
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2020/01/23 20:01:11 Removed files: sys/dev: flash.c flashvar.h Log message: Double tap the actual Zaurus zombies. ok tedu@ jsg@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2020/01/23 19:56:35 Modified files: distrib/sets/lists/comp: mi sys/conf : files Log message: Nuke references to zaurus zombies. ok tedu@ jsg@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: yasu...@cvs.openbsd.org 2020/01/23 19:14:09 Modified files: sbin/isakmpd : monitor.c Log message: Fix isakmpd monitor process to use the exit status of main process when exiting. "make sense" deraadt
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: o...@cvs.openbsd.org2020/01/23 19:09:51 Modified files: etc/skel : dot.cshrc dot.profile Log message: revert previous; guenther noted that the csh(1) part belongs in dot.login because each invocation will grow the path, but that exposed an interaction with loginShell:true in our dot.Xdefaults...
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/01/23 18:45:31 Modified files: sys/net: if_tun.c Log message: move to if_vinput() in tun_dev_write. this means tun doesn't queue the packet on input for the network stack to process, it's pushed through as part of the write into the kernel. discussed at length with claudio@ who agrees that avoiding a queue, and charging the writing process with the work associated with the packet, are both reasonable (good) things to do.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/01/23 18:36:22 Modified files: sys/net: if_tun.c Log message: provide a tun_input() interface input handler for tun(4) packets. this makes tun(4) more like tap(4). it now relies on the network stack to set the rcvif, rdomain, count the packets, and lock appropriately. right now it also means we consistently use if input queues for both tun and tap, and return backpressure at the same points. the tun_input handler is then responsible for pulling the "link" header off the packet and shoving it it into the various protocol handlers as appropriate. a consequence of having the stack count the bytes before tun_input strips the header is ibytes now includes the 4 byte AF header. however, this makes tun input consistent with the accounting on tun output, which included those 4 bytes anyway.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: dtuc...@cvs.openbsd.org 2020/01/23 18:29:23 Modified files: regress/usr.bin/ssh: test-exec.sh Log message: Do not warn about permissions on symlinks.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/01/23 18:17:22 Modified files: sys/net: if_tun.c Log message: change tun_dev_write to allocate one mbuf and cluster for the whole packet. this is instead of possibly allocating a change of mbufs and MCLBYTE sized clusters, and doing uiomove in a loop. while here add max_linkhdr space to the front of the allocated mbuf to help if we're forwarding the frame out some other interface.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2020/01/23 17:54:16 Modified files: sbin/dhclient : dhclient.c Log message: Allow carp(4) interfaces to be configured via dhcp. Original diff & testing from dtucker@ ok beck@ dtucker@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/01/23 17:28:57 Modified files: usr.bin/ssh: myproposal.h Log message: remove ssh-rsa (SHA1) from the list of allowed CA signature algorithms ok markus
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/01/23 17:27:04 Modified files: usr.bin/ssh: ssh-keygen.c Log message: when signing a certificate with an RSA key, default to a safe signature algorithm (rsa-sha-512) if not is explicitly specified by the user; ok markus@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/01/23 17:00:31 Modified files: usr.bin/ssh: ssh-keygen.c Log message: allow PEM export of DSA and ECDSA keys; bz3091, patch from Jakub Jelen ok markus@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/01/23 16:43:49 Modified files: sys/net: if_tun.c Log message: simplify the uiomove loop in tun_dev_read.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/01/23 16:36:18 Modified files: sys/net: if_tun.c Log message: don't need to manage TUN_NBIO ourselves, we get IO_NDELAY for free. as long as we don't error when open/ioctl/read/write have IO_NDELAY set, the fd (vfs?) layer seems to keep track of it fine for us.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/01/23 16:31:52 Modified files: usr.bin/ssh: ssh-keygen.1 ssh-keygen.c sshsig.c sshsig.h Log message: ssh-keygen -Y find-principals fixes based on feedback from Markus: use "principals" instead of principal, as allowed_signers lines may list multiple. When the signing key is a certificate, emit only principals that match the certificate principal list. NB. the command -Y name changes: "find-principal" => "find-principals" ok markus@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/01/23 16:30:41 Modified files: sys/net: if_tun.c Log message: provide a custom if_enqueue handler. tun and tap now queue a packet on output (for userland to read) on the if send queue, and then directly call tun_wakeup to tell userland about it. this bypasses calling the ifq serialiser machinery which then calls tun_start, which then calls tun_wakeup.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/01/23 16:22:47 Modified files: sys/net: if_tun.c Log message: remove IFCAP_VLAN_MTU from tap(4). it's a lie. there's no magical extra space for tap to carry a VLAN tag up to userland, you need to put it in the packet, and it takes up space.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/01/23 16:20:54 Modified files: sys/net: if_tun.c Log message: unify the tun and tap output and read behaviour. let tap use ether_output directly, and then cut back tun_output so it does the same things that ether_output does. specifically, this means tun_output now only prepends the packet with the "link" header, and no longer runs BPF for outgoing packets. running BPF for tun packets in output used to be needed because pipex used to get a chance to steal the packet at this point, but you would still want to see the packet in tcpdump output. now BPF is handled in tun_dev_read for both tun and tap.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: kette...@cvs.openbsd.org2020/01/23 16:10:04 Modified files: sys/dev/fdt: sxitemp.c sys/dev/ofw: ofw_thermal.c ofw_thermal.h Log message: Make thermal framework support in sxitemp(4) interrupt driven such that it works with future Linux device trees. ok patrick@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2020/01/23 15:39:35 Modified files: sbin/dhclient : dhclient.c dhcpd.h Log message: Separate command line syntax parsing from semantic validation of command line contents. Display usage() when syntax is incorrect and relevant error messages when semantic checks fail. More akin to the way other commands handle the syntax/semantic split. Idea taken from a larger diff by kn@. ok kn@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/01/23 15:32:07 Modified files: sys/net: if_tun.c Log message: mild whitespace massaging. no functional change.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2020/01/23 15:27:18 Modified files: sys/net: if_tun.c Log message: don't prototype the cdev entrypoints, sys/conf.h already does it.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: o...@cvs.openbsd.org2020/01/23 13:56:11 Modified files: etc/skel : dot.cshrc dot.profile Log message: Extend PATH from login(1)/setusercontext(3) instead of overriding. OK millert@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: ratc...@cvs.openbsd.org 2020/01/23 13:55:01 Modified files: usr.bin/sndiod : listen.c Log message: Remove unused sys/signal.h include.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: o...@cvs.openbsd.org2020/01/23 11:19:24 Modified files: share/man/man7 : environ.7 Log message: /usr/local/sbin was added in at least 2014 to login.conf's 'path' entry in the 'default' class; also added to _PATH_DEFPATH in 2019. Update PATH accordingly. OK millert@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: chel...@cvs.openbsd.org 2020/01/23 07:38:59 Modified files: sys/kern : subr_pool.c Log message: pool(9): pl_sleep(): drop unused timeout argument All sleeps have been indefinite since introduction of this interface ~5 years ago, so remove the timeout argument and make indefinite sleeps implicit. While here: *sleep(9) -> *sleep_nsec(9) "i don't think we're going to use timeouts [here]" tedu@, ok mpi@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2020/01/23 04:57:20 Modified files: lib/libssl : tls13_internal.h tls13_lib.c tls13_server.c Log message: Implement client hello processing in the TLSv1.3 server. ok beck@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2020/01/23 04:47:13 Modified files: lib/libssl : tls13_server.c Log message: Correct several issues in the current TLSv1.3 server code. Correct the parsing of the client hello support versions extension. This has one or more values, rather than just the single selected version. Allocate an SSL_SESSION - this is unused currently, but is needed as soon as we start parsing extensions. Also, pull the cipher suites list off correctly - this is u16 prefixed, not u8. ok beck@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: dtuc...@cvs.openbsd.org 2020/01/23 04:19:12 Modified files: regress/usr.bin/ssh: proxy-connect.sh putty-transfer.sh Log message: Handle zlib compression being disabled now that it's optional.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: b...@cvs.openbsd.org2020/01/23 04:06:59 Modified files: lib/libssl : tls13_client.c Log message: When certificate validation fails, we must send a DECRYPT_ERROR alert according to RFC8446. ok jsing@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: dtuc...@cvs.openbsd.org 2020/01/23 03:53:04 Modified files: usr.bin/ssh: packet.c Log message: Fix typo in comment.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2020/01/23 03:48:37 Modified files: lib/libssl : d1_clnt.c ssl_both.c ssl_clnt.c ssl_locl.h ssl_methods.c ssl_srvr.c Log message: Remove the ssl_get_message function pointer from SSL_METHOD_INTERNAL. ssl_get_message is essentially a switch between ssl3_get_message and dtls1_get_message, both only used by the legacy stack. Instead, use SSL_IS_DTLS() in ssl3_get_message to call the DTLS function when necessary. ok beck@ inoguchi@ tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: b...@cvs.openbsd.org2020/01/23 03:48:36 Modified files: lib/libssl : tls13_server.c Log message: Implement sending client certificate requests for 1.3 server ok jsing@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: js...@cvs.openbsd.org 2020/01/23 03:40:59 Modified files: lib/libssl : s3_lib.c ssl_lib.c ssl_locl.h tls13_lib.c Log message: Correctly handle TLSv1.3 ciphers suites in ssl3_choose_cipher(). Currently, TLSv1.3 cipher suites are filtered out by the fact that they have authentication and key exchange algorithms that are not being set in ssl_set_cert_masks(). Fix this so that ssl3_choose_cipher() works for TLSv1.3, however we also now need to ensure that we filter out TLSv1.3 for non-TLSv1.3 and only select TLSv1.3 for TLSv1.3. ok beck@ tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: dtuc...@cvs.openbsd.org 2020/01/23 03:24:30 Modified files: usr.bin/ssh: Makefile.inc cipher.c cipher.h kex.c packet.c readconf.c servconf.c ssh.c sshconnect2.c usr.bin/ssh/ssh: Makefile usr.bin/ssh/ssh-keyscan: Makefile usr.bin/ssh/ssh-keysign: Makefile usr.bin/ssh/sshd: Makefile Log message: Make zlib optional. This adds a "ZLIB" build time option that allows building without zlib compression and associated options. With feedback from markus@, ok djm@
Embedded Software Manager / Cambridge / C, C++, RTOS required (Ref#RTRS#724433)
Hi .,I am contacting you from Real Time Recruitment Solutions, a specialist recruitment consultancy dedicated to providing permanent and contract staff to the IT and Engineering sectors throughout the UK. We are looking for a number of people who match the criteria of the following job spec, if this position matches your profile please send me a word version of your CV quoting your salary requirements and availability.If this position is not suitable, I would really be grateful if you could pass this email onto anyone else who you think may be relevant. Alternatively www.rtrs.co.uk enables you to search all the jobs we currently have available.-Salary: £70,000 - £100,000Location: Cambridge Job Spec: We're on the hunt for our most senior appointment in embedded software, an engineer well versed in architecting, developing and debugging who is happy to take on the mantle of both a hands-on contributor and senior manager driving the international growth of the business. Our client is one of the most rapidly growing businesses in Cambridge, breaking out into several regions during 2019, now boasting offices around the globe. With ambitious plans to continue this growth, the successful candidate will take charge of embedded software operations across these offices whilst also maintaining a hands-on approach at home in Cambridge. This is an exciting opportunity for a highly skilled engineer with a history of managing teams to join the company and serve a critical role in this growth journey.Key things you will need:> Extensive coverage of embedded software development> Extensive coverage of C/C++> Coverage of both bare-metal and RTOS programming> A demonstrated history of team management and leadershipIt would also be beneficial to have: > Knowledge of, and ideally commercial application of Python> History of client management such as commissioning, consulting etc.> Interest in, and ideally knowledge of big data and machine learning developments The company offers a fast-moving, progressive environment where a culture of minimal bureaucracy is adopted. You will be afforded as much responsibility as you are comfortable taking, with a great deal of opportunity to propose new ideas and shape the company's future. Salaries are open to negotiation, but the company are willing to consider profiles up to around £100,000. Industry standard holidays and benefits apply, as do opportunities for flexible working hours, flexible holidays and working from home.For any questions or to discuss the role further, please call Joe at Real Time Recruitment Solutions (RTRS) or apply directly with your CV. Interviews available immediately. -To apply, please email your CV to me and I will ring you back with more details.Kind Regards, Kind regardsJoe Draper Senior Recruitment ConsultantReal Time Recruitment SolutionsTel: 01925 283110 joe.dra...@rtrs.co.ukwww.rtrs.co.uk View my LinkedIn profile If this job specification is unsuitable, the details that we have are probably out of date or incomplete. Please click here to update. If you have found a job, are currently in a contract, or want to be removed from the database, please click here EARN £250 for every friend, colleague or business you refer to Real Time Recruitment Solutions - click here for more information Please Note: Telephone calls and emails may be recorded or monitored and used for training and quality control purposes. Evolution reserves the right to use these recordings to aid the resolution of any disputes that may arise. This email contains information which is confidential and may be privileged. Unless you are the intended addressee (or authorised to receive for the addressee) you may not use, forward, copy or disclose to anyone this email or any information contained in this email. If you have received this email in error, please advise the sender by reply email immediately and delete this email. If you would like to understand more about how we use your data please see our privacy notice here. You can find our full telephone recording policy here. Real Time Recruitment Solutions is the licensed trading name of Evolution Recruitment Solutions Ltd | Registered Office: The Genesis Centre, Garrett Field, Birchwood, Cheshire WA3 7BH | Registered in England no: 3990096 | VAT number: 748 8265 83
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: dtuc...@cvs.openbsd.org 2020/01/23 03:19:59 Modified files: regress/usr.bin/ssh: test-exec.sh Log message: When checking for unsafe directories, ignore non-directories (ie symlinks, where permissions are not relevant).
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: kette...@cvs.openbsd.org2020/01/23 03:01:41 Modified files: sys/dev/fdt: axppmic.c Log message: Fix the mask that we applied when setting the voltage. ok jsg@, patrick@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: b...@cvs.openbsd.org2020/01/23 01:44:31 Modified files: lib/libssl : tls13_server.c Log message: Build the encrypted extensions for the 1.3 server ok jsing@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: flor...@cvs.openbsd.org 2020/01/23 01:16:02 Modified files: usr.sbin/bind/lib/isc/unix: socket.c Log message: Remove overly complicated set_rcvbuf. Very likely not needed in dig et al. OK deraadt
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: flor...@cvs.openbsd.org 2020/01/23 01:15:04 Modified files: usr.sbin/bind/lib/isc: socket_api.c usr.sbin/bind/lib/isc/include/isc: socket.h usr.sbin/bind/lib/isc/unix: socket.c Log message: Remove socket types that we are not going to use, like AF_UNIX sockets. OK deraadt
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: flor...@cvs.openbsd.org 2020/01/23 01:14:12 Modified files: usr.sbin/bind/bin/dig: dighost.c usr.sbin/bind/lib/isc/unix: net.c usr.sbin/bind/lib/isc/unix/include/isc: net.h Log message: We can always create IPv4 and IPv6 sockets. While here cleanup net.h. OK deraadt
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: b...@cvs.openbsd.org2020/01/23 01:04:50 Modified files: lib/libssl : ssl_srvr.c Log message: If we are building a legacy server hello, check to see if we are downgrading from TLS 1.3. If we are, set the last 8 bytes of the server_random value to the required values as per RFC 8446 section 4.1.3 indicating that we deliberately meant to downgrade. ok jsing@